Seccomp
From Wikipedia, the free encyclopedia
seccomp is a simple sandboxing mechanism for the Linux kernel.
It allows a process to make a one-way transition into a "secure" state where it cannot make any system calls except exit(), read() and write() to already-open file descriptors. Should it attempt any other system calls, the kernel will terminate the process.
In this sense, it does not virtualize the system's resources but isolates the process from them entirely.
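The strict mode described above, as an added example written for this page (not kernel code or Arcangeli's): a parent forks a child that enters SECCOMP_MODE_STRICT via prctl(2), writes to a pipe that was opened before the transition, and then either exits cleanly or issues getpid(2), a call outside the read/write/exit set, and is killed by the kernel. It assumes a Linux kernel built with seccomp and glibc; the exit is done through the raw exit(2) syscall because glibc's _exit() uses exit_group(2), which strict mode also rejects.

```c
#define _GNU_SOURCE
#include <linux/seccomp.h>   /* SECCOMP_MODE_STRICT */
#include <sys/prctl.h>       /* prctl(), PR_SET_SECCOMP */
#include <sys/syscall.h>     /* SYS_exit, SYS_getpid */
#include <sys/wait.h>
#include <signal.h>
#include <stdio.h>
#include <unistd.h>

/* What the parent observed about the sandboxed child. */
enum outcome { SANDBOX_UNAVAILABLE = -1, CHILD_EXITED_OK = 0, CHILD_KILLED = 1, CHILD_OTHER = 2 };

/* Fork a child, move it into seccomp strict mode and run a tiny workload.
 * The child may only read()/write() on already-open fds and exit(). With
 * make_forbidden_call != 0 it also issues getpid(2), which is not on that
 * list, so the kernel terminates it with SIGKILL. (Example code for this page.) */
int run_in_strict_seccomp(int make_forbidden_call)
{
    int pipefd[2], status;
    if (pipe(pipefd) != 0) return SANDBOX_UNAVAILABLE;
    pid_t pid = fork();
    if (pid < 0) return SANDBOX_UNAVAILABLE;
    if (pid == 0) {                               /* child */
        close(pipefd[0]);                         /* done before the transition */
        /* One-way transition; fails if the running kernel lacks seccomp. */
        if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_STRICT, 0, 0, 0) != 0) _exit(99);
        static const char msg[] = "hello from the sandbox";
        if (write(pipefd[1], msg, sizeof msg) < 0) syscall(SYS_exit, 98); /* allowed: fd already open */
        if (make_forbidden_call) syscall(SYS_getpid);  /* forbidden: killed here */
        /* glibc's _exit() uses exit_group(2), which strict mode also rejects,
         * so leave through the raw exit(2) syscall instead. */
        syscall(SYS_exit, 0);
    }
    close(pipefd[1]);                             /* parent */
    char buf[64];
    ssize_t n = read(pipefd[0], buf, sizeof buf); /* what the child managed to send */
    close(pipefd[0]);
    if (waitpid(pid, &status, 0) < 0) return CHILD_OTHER;
    if (WIFEXITED(status) && WEXITSTATUS(status) == 99) return SANDBOX_UNAVAILABLE;
    if (WIFSIGNALED(status) && WTERMSIG(status) == SIGKILL) return CHILD_KILLED;
    if (WIFEXITED(status) && WEXITSTATUS(status) == 0 && n > 0) return CHILD_EXITED_OK;
    return CHILD_OTHER;
}

int main(void)
{
    printf("allowed calls only: %d (0 = exited normally)\n", run_in_strict_seccomp(0));
    printf("plus getpid():      %d (1 = killed by the kernel)\n", run_in_strict_seccomp(1));
    return 0;
}
```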
seccomp was first devised by Andrea Arcangeli in January 2005 for use in public grid computing and was originally intended as a means of safely running untrusted compute-bound programs.
As of April 2006, Arcangeli's CPUShare is the only service that makes use of this feature, and seccomp has been criticised (see Ingo Molnar's critique on the linux-kernel mailing list[1]) for impacting overall system performance whilst being bound to a service (CPUShare) that is burdened with patents that aim to restrict the freedoms of grid computing service providers.
A solution that eliminates the performance impact of seccomp without disabling it was later posted to the Linux kernel mailing list. By design, the core of seccomp generates no overhead: the overhead came from a secondary, optional feature, and that optional feature can easily be disabled by default.